Beyond identifying, extracting, and exposing malicious content from hundreds of file types, InQuest Deep File Inspection (DFI) utilizes machine vision and optical character recognition (OCR) to identify the social engineering component of a variety of malware lures. This is one of a myriad of techniques that we employ to detect novel malware that may leverage previously unseen pivots.

InQuest provides the ability to capture and catalog all web and e-mail session information and files at a "carrier class" 20 Gbps. We also support the capability to scrutinize HTTP and SMTP headers.


This write-up details how the InQuest platform is used to identify malicious documents whose payloads were generated by PowerShell Empire. A go-to framework for pentesters, red teamers, and cybercriminals, PowerShell Empire has a robust capability for exploitation and post-exploitation. Listeners, Stagers, and Agents are detailed within a demonstration of a spear-phishing type of attack. The highlight of the discussion shows how the InQuest platform was able to detect the malicious document and how the combination of signatures contextually dictated the threat score of the file.

In this article, we present our in-depth analysis of a malicious Excel document (.xls format) that we found in the wild. We show how existing open source tools can be utilized to carve useful information from such a document. During this analysis, we also point out the limitation of existing tools in carving certain types of information from .xls documents and present our solution to extract such information.

The extensive collection of files on the MEGA cloud service, which exposed nearly 773 million unique emails and 21 million unique passwords and was posted on a hacking forum, came from a number of breaches and sources.

The Department of Homeland Security has issued an emergency directive ordering administrators of most federal agencies to protect their Internet domains against a rash of attacks that have hit executive branch websites and email servers in recent weeks.